WO2018007916A1 - A blockchain-implemented control method and system for controlling an external process or system - Google Patents

A blockchain-implemented control method and system for controlling an external process or system Download PDF

Info

Publication number
WO2018007916A1
WO2018007916A1 PCT/IB2017/053957 IB2017053957W WO2018007916A1 WO 2018007916 A1 WO2018007916 A1 WO 2018007916A1 IB 2017053957 W IB2017053957 W IB 2017053957W WO 2018007916 A1 WO2018007916 A1 WO 2018007916A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
input
pubkey
blockchain
public key
Prior art date
Application number
PCT/IB2017/053957
Other languages
French (fr)
Inventor
Ying Chan
Original Assignee
nChain Holdings Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by nChain Holdings Limited filed Critical nChain Holdings Limited
Priority to KR1020197002687A priority Critical patent/KR102467625B1/en
Priority to US16/315,524 priority patent/US11463260B2/en
Priority to SG11201811008RA priority patent/SG11201811008RA/en
Priority to CN201780037506.1A priority patent/CN109478278B/en
Priority to JP2018567907A priority patent/JP7096774B2/en
Priority to EP17740487.8A priority patent/EP3482365A1/en
Publication of WO2018007916A1 publication Critical patent/WO2018007916A1/en
Priority to ZA2019/00510A priority patent/ZA201900510B/en
Priority to JP2022101488A priority patent/JP7344350B2/en
Priority to US17/958,029 priority patent/US20230144153A1/en
Priority to JP2023142211A priority patent/JP2023162388A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/2379Updates performed during online database operations; commit processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2147Locking files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • This invention relates generally to distributed ledger technology (including blockchain related technologies), and in particular the use of a blockchain in implementing, controlling and/or automating a task or process. It may relate to the use of a blockchain or related technology for recording or representing the execution of a portion of logic. This portion of logic may be arranged to implement the functionality of a logic gate, or plurality of logic gates, such as AND, XOR, NOT, OR etc..
  • a blockchain is an electronic ledger which is implemented as a computer-based decentralised, distributed system made up of blocks which in turn are made up of transactions.
  • Each transaction includes at least one input and at least one output.
  • Each block contains a hash of the previous block so that blocks become chained together to create a permanent, unalterable record of all transactions which have been written to the blockchain since its inception.
  • Transactions contain small programs known as scripts embedded into their inputs and outputs, which specify how and by whom the outputs of the transactions can be accessed. On the Bitcoin platform, these scripts are written using a stack-based scripting language.
  • a computer- implemented method of executing a portion of logic may be described as a control method. It may control the operation of a hardware and/or software resource. It may control the execution of a computer- implemented process. Additionally or alternatively, the method may provide a technical mechanism for using a blockchain to record or represent the execution, or the result of the execution, of a portion of logic.
  • the method may comprise the steps:
  • generating a blockchain Transaction which comprises: at least one signed input which comprises a value;
  • the result may be used to modify the output such that the Transaction represents the result.
  • the transaction may provide a record of the execution of the portion of logic. This record may be stored on a blockchain. It may provide a record of the result of the execution. It may provide a record which comprises parameters relating to the execution.
  • blockchain' is intended to include all forms of electronic, computer-based distributed ledgers including blockchain and transaction-chain technologies, alt-chains, permissioned and un-permissioned ledgers, shared ledgers and variations thereof.
  • the portion of logic may be a computer-implemented process. It may be arranged to perform a specified task.
  • the portion of logic may be external to one or both of the Transaction and the blockchain.
  • a Controller i.e. the owner of the Transaction and the only entity which can update the transaction's outputs after the inputs are signed
  • the external Controller can apply the portion of logic to the extracted value to obtain the result and communicate with the Transaction to modify the output of the Transaction based on the result.
  • the portion of logic can be representative of a system which is external to one or both of the Transaction and the blockchain and the method further comprises modifying a state of the system based on the modified output of the Transaction.
  • the invention can be envisaged to utilize the inherent security of the blockchain system to implement, or at least record the state of, external ("off-block") logic systems thereby extending the functionality and security of the blockchain system to external systems.
  • the external system can be any system external to the blockchain whose functionality can, for example, be reduced to a mathematical function, algorithm, or portion of logic such as the functionality of a logic gate or a plurality of logic gates.
  • Such systems will generally have one or more inputs and perform one or more operations on the inputs to generate one or more outputs.
  • Embodiments of the present invention are useful to ensure that a Controller of such a system remains in control of the system and that the system is robust to attack (e.g. hacking) from another entity.
  • a technical problem solved by at least certain embodiments of the present invention is how to utilize the inherent security of a blockchain system for controlling external "off-block" systems.
  • a technical problem solved by at least certain embodiments of the present invention is how to increase the security of the external system so that it is robust to hack attacks from third parties.
  • Examples of external systems to which the present invention can be applied are described herein and include: trading platforms; electronic locks; vehicle control systems; sensors; lighting systems; heating/cooling systems; alarm systems; and industrial manufacturing systems.
  • trading platforms include: trading platforms; electronic locks; vehicle control systems; sensors; lighting systems; heating/cooling systems; alarm systems; and industrial manufacturing systems.
  • sensors include: lighting systems; heating/cooling systems; alarm systems; and industrial manufacturing systems.
  • embodiments of the present invention can in principle be applied to introduce the functionality of a blockchain system into any external system which can be represented by one or more inputs, one or more operations on the inputs; and one or more outputs.
  • the portion of logic may be arranged to implement the functionality of a logic gate or plurality of logic gates.
  • the logic gate may be an AND, NOT, OR, NOR, XOR, IMPLY, NAND, NONIMPLY or XNOR gate.
  • the method may further comprise the step of submitting the Transaction to a blockchain.
  • the signed input may be provided to the Transaction using an unlocking script.
  • the at least one input may be signed using a signature hash type which renders the input as non-modifiable.
  • the signature hash type may be SIGHASH_NONE.
  • the Transaction may further comprise at least one unsigned input.
  • the method may further comprise the step of submitting the Transaction to a blockchain. It may comprise the step of signing the unsigned input after the output has been modified.
  • the unsigned input may be signed using a signature hash type which prevents modification of the whole Transaction.
  • the signature hash type may be SIGHASH_ALL.
  • the value may be embedded in a public key associated with the signed input. Additionally or alternatively, it may be extracted from the public key so as to provide it to the portion of logic.
  • the method may further comprise the step of establishing and/or selecting a protocol and using the protocol to embed the value in the public key.
  • the public key may be used to create a locking script in an intermediate blockchain Transaction.
  • the method may further comprise the step of submitting the intermediate Transaction to a blockchain.
  • the value may be embedded in the public key by generating a new public key P' wherein:
  • P is a base or initial public key
  • G is an Elliptic Curve function, such as secp256kl
  • x denotes elliptic curve multiplication by scalar
  • the method may further comprise the step of generating a new private key corresponding to the new public key, wherein:
  • V V + HASH(value + S)
  • the value which is embedded in the public key may be selected from a specified range of values.
  • the invention also provides a corresponding system. The system may be arranged to implement any embodiment of the method described above.
  • the invention may provide a computer- implemented system comprising:
  • a blockchain or other type of electronic ledger This may be a distributed ledger.
  • Figure 1 shows an example transaction and the parts which are hashed with
  • SIGHASH_ALL and S IGH AS H_NONE Figure 2a shows how a function Controller establishes a PubKey Protocol with each Input Source.
  • Figure 2b illustrates a scenario wherein an input source has a value to communicate and calculates a value-embedded public key (PubKey) according to its protocol (PubKey protocol).
  • Figure 2c illustrates a scenario wherein an input source uses the value-embedded PubKey to create a locking script which is used in one of the outputs of an intermediate transaction.
  • Figure 2d illustrates a scenario wherein the Transaction is created; unsigned input from the Controller and each input is added
  • Figure 2e illustrates a scenario wherein every input source signs their respective input to the Transaction with signature type SIGHASH_NONE.
  • Figure 2f illustrates a scenario wherein the Controller takes the value-embedded PubKey from each Input Source's unlocking scripts in the Transaction and extracts the embedded value based on the associated PubKey protocol
  • Figure 2g illustrates a scenario wherein the Controller applies the function to the extracted values, and modifies the transaction output(s) based on the result.
  • Figure 2h illustrates a scenario wherein the Controller signs its input using
  • FIGS 3 to 8 show blockchain transactions used in accordance with use case example 1 provided below.
  • Figures 9 to 14 show blockchain transactions used in accordance with use case example 2 provided below.
  • Figures 15 to 20 show blockchain transactions used in accordance with use case example 3 provided below.
  • FIGS 21a to 25 show blockchain transactions used in accordance with use case example
  • FIGS 26a to 30 show blockchain transactions used in accordance with use case example
  • Figures 31 to 35 show blockchain transactions used in accordance with use case example 6 provided below.
  • Figures 36a to 40 show blockchain transactions used in accordance with use case example 7 provided below.
  • Figures 41a to 45 show blockchain transactions used in accordance with use case example 7 provided below.
  • This embodiment includes techniques relating to:
  • the invention provides a novel and advantageous solution for using a blockchain to implement a function.
  • the blockchain is used to provide a record of the execution of the function and/or a result of its result.
  • a function can be a subroutine or procedure (i.e. a process or portion of logic) which is applied to a set of inputs and returns a set of outputs
  • the function is executed Off-block' ie its performance is not blockchain-dependent.
  • the function is performed by a computer-based resource.
  • a blockchain (e.g. Bitcoin) transaction is a transfer of (e.g. Bitcoin) value which typically references previous transaction outputs as new transaction inputs and dedicates all input values to new outputs. Transactions are not encrypted, so it is possible to browse and view every transaction ever collected into a block. It would be highly advantageous, however, to be able to construct a blockchain transaction which acts as a function, where the transaction output(s) are conditional or dependent on the information embedded in the transaction input(s).
  • Important aspects of the present invention include (but are not limited to) a method for creating a blockchain transaction that represents a function where:
  • the present invention includes the following:
  • a technique for securely embedding a value in Elliptic Curve Public/Private Keys The invention includes a technique for Secret Value Distribution allowing values to be securely embedded in elliptic curve public/private cryptographic keys. The value can be extracted by the receiving party in linear time, but remains intractable for attackers even if the parameters communicated to establish the embedding method are compromised
  • the invention will be illustrated via use case examples provided below, in which blockchain (e.g. Bitcoin) transactions can be used to represent the functionality provided by a logic gate.
  • the invention utilises techniques for embedding a message in cryptographic (public/private) keys, and also for establishing a shared secret. These are described as follows. Message Embedding
  • V' V + M Integer addition
  • V and P' are the private/public keys with message M embedded
  • a sending party can embed a value using a secure formula M such as:
  • V V + HASH(value + S) value embedded private key
  • P is a base or initial public key
  • G is an Elliptic Curve function, such as secp256kl
  • x denotes elliptic curve multiplication by scalar
  • the hashing function is one directional and difficult to reverse • Shared Secret S is used as a hash salt. This means that even if all other parameters are compromised, an attacker cannot simply iterate through the possible values to work out the embedded value. S is guaranteed to be secure unless the private keys are compromised.
  • the receiver of a value embedded in a public key can extract the value in linear time. This is done by calculating a value-embedded public key for each possible value until a match is found. This can be achieved by:
  • v_0, v_l, ... , v_n is a range, rather than a set
  • v' M(v, P, S, G) //M is the formula using EC arithmetic to embed v
  • This section presents a method for constructing a blockchain transaction where the outputs are conditioned on the inputs. This is based off knowledge about using signature types SIGHASH_ALL and S IGH AS H_NONE which is available in the public domain:
  • Bitcoin signatures are a hash of select parts of a Transaction. The parts that are selected are determined by the signature hash type. The signature secures the hashed parts as any modification will yield a different signature thus showing tampering.
  • Figure 1 shows an example transaction and the parts which are hashed with SIGHASH_ALL and
  • the Owner determines the output, and updates the transaction
  • the invention can combine all of the previously described concepts/methods.
  • the Owner of the function i.e. the resource which is responsible for executing the function
  • Input Sources One of the entities which adds an input containing a Value Embedded
  • a sender communicates the Value Embedded PubKey through one of the input unlocking scripts in the receiver's transaction (the sender must let the receiver know which key has a value embedded) ementation
  • a Controller establishes a PubKey Protocol with each Input Source, as shown in
  • Input Source has a value to communicate and calculates a Value Embedded
  • PubKey according to its PubKey Protocol, as shown in Figure 2b 3.
  • Input Source uses the Value Embedded PubKey to create a locking script which is used in one of the outputs of an Intermediate Transaction (created by Input Source).
  • the Intermediate Transaction is submitted to the blockchain; it is not important whether the locking script is P2PKH or P2SH. This is shown in Figure 2c. 4.
  • Transaction is created and unsigned input from Controller and each Input Source
  • Controller takes the Value Embedded Pub Key from each Input Source's unlocking scripts in the transaction and extracts the value embedded based on the associated PubKey Protocol; see Figure 2f.
  • Controller applies the function to the extracted values, and modifies the transaction output(s) based on the result; see Figure 2g.
  • Controller signs its input using SIGHASH_ALL, and submits the transaction to the blockchain; see Figure 2h.
  • Alice is a self-taught trader who sees an opportunity to make extra income by trading Company XYZ Stock Options. She opens an account with a particular Online Stock Exchange which accepts payments in Bitcoin. Alice develops a simple Trading Bot, Share Prices Bot, and a Market Index Value Bot. (Each "bot” is a computer-based resource arranged to perform an automated task or process).
  • the Share Prices Bot and Market Index Value Bot are setup such that:
  • the Trading Bot buys call and put options based on the market data it receives:
  • Bot private/public key pair X which has 1BTC
  • Bot private/public key pair Y which has IBTC Exchange takes payments for Put and Call Options at public key E_PUT and E_CALL respectively
  • Trading Bot takes ⁇ PubKey X'> from the unlocking script, and calculates Value Embedded Pub Keys for PI, P2, ..., P10 until it finds a matching pubkey with P5
  • Trading Bot takes applies the XOR logic gate to the values, and determines that it should buy a call option
  • Combination Locks simply sends the 4 digit code but does not evaluate whether the code TRUE or FALSE.
  • Combination Lock B owns private/public key pair B which has 1BTC
  • Controller owns private/public key pair C which has 1BTC
  • Vault owns private/public key pair V_DOOR and V_ALARM
  • Controller established a PubKey Protocol with Combination Lock A and Combination Lock B to allow secure communication of signals:
  • Controller & Combination Lock A calculates this by using each other' s public key
  • PubKey A' PubKey A + SHA256(value ⁇ S)
  • Controller & Combination Lock B calculates this by using each other' s public key
  • PubKey B' PubKey B + SHA256(value ⁇ S)
  • PubKey A' PubKey A + SHA256(' l 111 ' ⁇ S) x G
  • PubKey B' PubKey B + SHA256('2222' ⁇ S) x G
  • Controller uses the Bitcoin transaction inputs from the Combination Locks and creates a Bitcoin transaction representing an AND gate (AND Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 12
  • Controller uses its PubKey Protocol with Combination Lock A to calculate a Value Embedded PubKey for each 4 digit combination 0000, 0001, ..., 9998, 9999 until it finds one which matches PubKey A'
  • Controller uses its PubKey Protocol with Combination Lock B to calculate a Value Embedded PubKey for each 4 digit combination 0000, 0001, ..., 9998, 9999 until it finds one which matches PubKey B' a. Controller finds that '2222' produces the same Value Embedded PubKey as PubKey B'
  • Controller applies the AND gate logic to the combinations:
  • Controller updates AND Gate Transaction's output to send signal to V_DOOR and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain: See figure 14
  • Switch A is off (auto-landing), the landing gear is always extended regardless of Switch B.
  • Switch A is on (manual mode), the landing gear is extended based on Switch B.
  • This is an implementation of an IMPLY gate.
  • the whole system consists of 4 entities: Switch A, Switch B, Controller, and Landing Gear.
  • Switch A owns private/public key pair A which has 1BTC
  • Switch B owns private/public key pair B which has 1BTC
  • Controller owns private/public key pair C which has 1BTC
  • Landing Gear Extending System owns private/public key pair L_EXTEND and L_RETRACT
  • Controller established a PubKey Protocol with Switch A and Switch B to allow secure communication of signals:
  • Controller & Switch A calculates this by using each other' s public key
  • PubKey A' PubKey A + SHA256(value ⁇ S)
  • Controller & Switch B calculates this by using each other' s public key
  • PubKey B ' PubKey B + SHA256(value ⁇ S)
  • Switch A The Pilot prepares for landing and turns Switch A off (auto-landing). Each Switch embeds their state into a Value Embedded Pub Key (Pub Key A' and Pub Key B') a.
  • Switch A
  • PubKey A' PubKey A + SHA256(Off ⁇ S) x G
  • PubKey B' PubKey B + SHA256(Off ⁇ S) x G
  • Controller uses the Bitcoin transaction inputs from the Switches and creates a Bitcoin transaction representing an IMPLY gate (IMPLY Gate Transaction).
  • This transaction includes an input from the Controller itself, so that it alone can modify the outputs.
  • Controller requests for Switch A and Switch B to sign their respective input in the IMPLY Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified - See figure 19
  • Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for On and Off, to find a match with PubKey A'
  • Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for On and Off, to find a match with PubKey B '
  • Controller applies the IMPLY gate logic:
  • Controller updates IMPLY Gate Transaction's output to send signal to L_EXTEND and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain: See figure 20
  • Switch A owns private/public key pair A which has 1BTC
  • Switch B owns private/public key pair B which has 1BTC
  • Controller owns private/public key pair C which has 1BTC
  • Controller established a PubKey Protocol with Switch A and Switch B to allow secure communication of signals:
  • Controller & Switch A calculates this by using
  • PubKey A' PubKey A + SHA256(value ⁇ S)
  • Controller & Switch B calculates this by using
  • PubKey B' PubKey B + SHA256(value ⁇ S)
  • Switch A detects that its door has changed from closed opened, while Switch B detects that its door remains closed.
  • Each Switch embeds their respective state (Open and Close) into a Value Embedded PubKey (PubKey A' and PubKey B') a.
  • Switch A :
  • PubKey A' PubKey A + SHA256('Open' ⁇ S) x G
  • PubKey B' PubKey B + SHA256( 'Close' ⁇ S) x G
  • Switches send the Controller an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. See Figure 22 for a.
  • Controller uses the Bitcoin transaction inputs from the Switches and creates a Bitcoin transaction representing a NAND gate (NAND Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See figure 23
  • Controller requests for Switch A and Switch B to sign their respective input in the NAND Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See figure 24
  • Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for each state Open and Close.
  • Controller uses its PubKey Protocol with Switch B to calculate a Value Embedded PubKey for each state Open and Close
  • Controller applies the NAND gate logic to the switch states:
  • Switch B owns private/public key pair B which has 1BTC
  • Controller owns private/public key pair C which has 1BTC
  • Controller established a PubKey Protocol with Sensor A and Switch B to allow secure communication of signals:
  • Controller uses the Bitcoin transaction inputs from the Sensor and Switch to create a Bitcoin transaction representing a NONIMPLY gate (NONIMPLY Gate
  • This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See figure 28.
  • Controller requests for Sensor A and Switch B to sign their respective input in the NONIMPLY Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See figure 29.
  • Controller uses its PubKey Protocol with Sensor A to calculate a Value Embedded PubKey for Car and No Car, to find a match with PubKey A'
  • Controller finds that Car produces the same Value Embedded PubKey as PubKey A' Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded Pub Key for Manual On and Manual Off, to find a match with PubKey B'
  • Controller applies the NONIMPLY gate logic:
  • Controller updates NONIMPLY Gate Transaction's output to send signal to L_ON and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain. See figure 30.
  • Controller owns private/public key pair C which has 1BTC
  • Controller and Switch establishes a PubKey Protocol with the following parameters:
  • Switch detects a change when the crown is removed. Switch embeds signal 'false' into a Value Embedded PubKey (PubKey X')
  • PubKey X' PubKey X + SHA256( 'false' ⁇ S) x G
  • Switch creates and submits to the blockchain an Intermediate Transaction with an output to its Value Embedded PubKey. See Figure 31
  • Switch sends Controller an unsigned Bitcoin transaction input spending Output 1 of the Intermediate Transaction. See figure 32 6.
  • Controller creates a Bitcoin transaction representing an NOT gate (NOT Gate Transaction) including the Bitcoin transaction input received from Switch. See figure 33 7.
  • Controller requests Switch to sign its input in NOT Gate Transaction so that it is locked in
  • Controller calculates Value Embedded PubKey for 'true' and 'false', and compares it with the Value Embedded PubKey (PubKey X') from the unlocking script. It finds a match with 'false'
  • Controller applies the NOT gate to the value 'false', and determines that it should send a signal to Activate Alarm (A_ACTIVATE)
  • Controller updates NOT Gate Transaction's output to send a signal to
  • the Controller All logic evaluation is performed by the Controller.
  • the Temp. Sensors simply sends the temperature reading but does not evaluate whether it is hot or cold.
  • Controller owns private/public key pair C which has 1BTC
  • Airflow System owns private/public key pair S_COOL and S_WARM
  • Controller established a PubKey Protocol with Temp. Sensor A and Temp. Sensor B to allow secure communication of signals: a. Controller & Temp. Sensor A's PubKey Protocol parameters:
  • Controller & Temp. Sensor A calculates this by
  • PubKey A' PubKey A + SHA256(value ⁇ S)
  • Controller & Temp. Sensor B calculates this by using each other's public key
  • PubKey B' PubKey B + SHA256(value ⁇ S)
  • Temp. Sensor A detects a change from 21 to 20. Each Temp. Sensor embeds their reading into a Value Embedded PubKey (PubKey A' and PubKey B')
  • PubKey A' PubKey A + SHA256(20 ⁇ S) x G
  • PubKey B' PubKey B + SHA256(27 ⁇ S) x G
  • Sensors create and submit to the blockchain a Bitcoin transaction (Intermediate Transaction) with an output to their respective Value Embedded PubKey
  • Both Temp. Sensor create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the
  • Controller uses the Bitcoin transaction inputs from the Temperature Sensors and creates a Bitcoin transaction representing an OR gate (OR Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 38 7. Controller requests for Temp. Sensor A and Temp. Sensor B to sign their respective input in the OR Gate Transaction using SIGHASH_NONE. This locks in the inputs, while still allowing the outputs to be modified. See Figure 39
  • Controller uses its PubKey Protocol with Temp. Sensor A to calculate a Value Embedded PubKey for each temperature -30, -29, ..., 49, 50 until it finds one which matches PubKey A'
  • Controller finds that 20 produces the same Value Embedded PubKey as PubKey A' 9. Controller uses its PubKey Protocol with Temp. Sensor B to calculate a Value Embedded PubKey for each temperature -30, -29, ..., 49, 50 until it finds one which matches PubKey B'
  • Controller applies the OR gate logic to the temperature readings:
  • Airflow system upon seeing a transaction output to S_COOL, expels cool air
  • Scanner A Scanner B
  • Controller Controller
  • Production System Both detectors send a belief to the controller when either one detects a change.
  • Scanner Belief A 90%
  • XNOR Scanner Belief B 60%
  • Detecting stitches is less accurate than detecting red, so a larger range of acceptable values is used for Scanner B.
  • Scanner B Controller to Prod.
  • Scanner A to Controller to Prod.
  • Scanner B Controller to Prod.
  • Scanner A to Controller to Prod.
  • Controller owns private/public key pair C which has 1BTC
  • Controller established a PubKey Protocol with Scanner A and Scanner B to allow secure communication of signals:
  • Controller & Scanner A calculates this by using
  • PubKey A' PubKey A + SHA256(value ⁇ S) x G
  • Controller & Scanner B calculates this by using
  • PubKey B' PubKey B + SHA256(value ⁇ S)
  • PubKey A' PubKey A + SHA256(100% ⁇ S) x G
  • PubKey B' PubKey B + SHA256(75% ⁇ S) x G
  • Scanner B's transaction input Controller uses the Bitcoin transaction inputs from the Scanners and creates a Bitcoin transaction representing a XNOR gate (XNOR Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 43 Controller requests for Scanner A and Scanner B to sign their respective input in the XNOR Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See Figure 44. Controller uses its PubKey Protocol with Scanner A to calculate a Value Embedded PubKey for each belief 0, 5, ..., 95, 100% until it finds one which matches PubKey A'
  • Controller finds that 100% produces the same Value Embedded PubKey as PubKey A' Controller uses its PubKey Protocol with Scanner B to calculate a Value Embedded PubKey for each belief 0, 5, ..., 95, 100% until it finds one which matches PubKey B'
  • the invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer.
  • a device claim enumerating several means several of these means may be embodied by one and the same item of hardware.
  • the mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Abstract

The invention provides a computer-implemented method and corresponding system which is implemented using an electronic ledger such as a blockchain. This may or may not be the Bitcoin blockchain. The invention can be used to implement, execute and/or control the performance of a task or process. A method according to the invention comprises the steps of generating a blockchain Transaction which comprises: at least one signed input which comprises a value; and at least one modifiable output. It further comprises the step of extracting the value from the signed input and providing it to a portion of logic to obtain a result; and using the result to modify the output of the Transaction. The transaction provides a record and/or representation of the execution of the portion of logic and/or the result. The signed input is provided to the Transaction using an unlocking script. The at least one input is signed using a signature hash type which renders the input as non-modifiable. This may be the signature hash type SIGHASH_NONE. The Transaction may further comprise at least one unsigned input. The unsigned input may be signed after the output has been modified. The unsigned input can be signed using a signature hash type which prevents modification of the whole Transaction, and may be the signature hash type is SIGHASH_ALL. Further the value can be embedded in a public key associated with the signed input; and extracted from the public key so as to provide it to the portion of logic. The portion of logic can be arranged to implement the functionality of a logic gate or combination of gates, such as an AND, NOT, OR, NOR, XOR, IMPLY, NAND, NONIMPLY or XNOR gate. Thus, the invention provides a highly versatile and useful technical approach for implementing tasks using a blockchain.

Description

A Blockchain-implemented Control Method and System for Controlling an External
Process or System
This invention relates generally to distributed ledger technology (including blockchain related technologies), and in particular the use of a blockchain in implementing, controlling and/or automating a task or process. It may relate to the use of a blockchain or related technology for recording or representing the execution of a portion of logic. This portion of logic may be arranged to implement the functionality of a logic gate, or plurality of logic gates, such as AND, XOR, NOT, OR etc..
It is important to note that in this document we use the term 'blockchain' for the sake of convenience and ease of reference because it is currently the most widely known term in this context. However, the term is used herein (including in the claims) to include all forms of electronic, computer-based distributed ledgers, including, but not limited to blockchain and transaction-chain technologies, permissioned and un-permissioned ledgers, shared ledgers and variations thereof.
A blockchain is an electronic ledger which is implemented as a computer-based decentralised, distributed system made up of blocks which in turn are made up of transactions. Each transaction includes at least one input and at least one output. Each block contains a hash of the previous block so that blocks become chained together to create a permanent, unalterable record of all transactions which have been written to the blockchain since its inception. Transactions contain small programs known as scripts embedded into their inputs and outputs, which specify how and by whom the outputs of the transactions can be accessed. On the Bitcoin platform, these scripts are written using a stack-based scripting language.
In order for a transaction to be written to the blockchain, it must be "validated". Network nodes (miners) perform work to ensure that each transaction is valid, with invalid transactions rejected from the network. Software clients installed on the nodes perform this validation work on an unspent transaction (UTXO) by executing its locking and unlocking scripts. If execution of the locking and unlocking scripts evaluate to TRUE, the transaction is valid and the transaction is written to the blockchain.
The most widely known application of blockchain technology is the Bitcoin ledger, although other blockchain implementations have been proposed and developed. While Bitcoin may be referred to herein for the purpose of convenience and illustration, it should be noted that the invention is not limited to use with the Bitcoin blockchain and alternative blockchain implementations fall within the scope of the invention. Blockchain technology is most widely known for the use of cryptocurrency implementation. However, in more recent times, digital entrepreneurs have begun exploring both the use of the cryptographic security system Bitcoin is based on, and the data that can be stored on the Blockchain, to implement new systems. It would be highly advantageous if the blockchain could be used for tasks and processes, such as automated control processes, which are not limited to the realm of cryptocurrency. Such solutions would be able to harness the benefits of the blockchain (e.g. a permanent, tamper proof record of events, distributed processing etc) while being more versatile in their applications. Such an improved solution has now been devised. Thus, in accordance with the present invention there is provided a system and method as defined in the appended claims.
Therefore, in accordance with the invention there may be provided a computer- implemented method of executing a portion of logic. Additionally or alternatively, the invention may be described as a control method. It may control the operation of a hardware and/or software resource. It may control the execution of a computer- implemented process. Additionally or alternatively, the method may provide a technical mechanism for using a blockchain to record or represent the execution, or the result of the execution, of a portion of logic.
The method may comprise the steps:
generating a blockchain Transaction which comprises: at least one signed input which comprises a value; and
at least one modifiable output;
extracting the value from the signed input and providing it to a portion of logic to obtain a result; and
using the result to modify the output of the Transaction.
The result may be used to modify the output such that the Transaction represents the result. The transaction may provide a record of the execution of the portion of logic. This record may be stored on a blockchain. It may provide a record of the result of the execution. It may provide a record which comprises parameters relating to the execution.
The term 'blockchain' is intended to include all forms of electronic, computer-based distributed ledgers including blockchain and transaction-chain technologies, alt-chains, permissioned and un-permissioned ledgers, shared ledgers and variations thereof.
The portion of logic may be a computer-implemented process. It may be arranged to perform a specified task.
The portion of logic may be external to one or both of the Transaction and the blockchain. Furthermore, a Controller (i.e. the owner of the Transaction and the only entity which can update the transaction's outputs after the inputs are signed) may also be external to one or both of the Transaction and the blockchain. The external Controller can apply the portion of logic to the extracted value to obtain the result and communicate with the Transaction to modify the output of the Transaction based on the result. The portion of logic can be representative of a system which is external to one or both of the Transaction and the blockchain and the method further comprises modifying a state of the system based on the modified output of the Transaction. In this way, the invention can be envisaged to utilize the inherent security of the blockchain system to implement, or at least record the state of, external ("off-block") logic systems thereby extending the functionality and security of the blockchain system to external systems. The external system can be any system external to the blockchain whose functionality can, for example, be reduced to a mathematical function, algorithm, or portion of logic such as the functionality of a logic gate or a plurality of logic gates. Such systems will generally have one or more inputs and perform one or more operations on the inputs to generate one or more outputs.
Embodiments of the present invention are useful to ensure that a Controller of such a system remains in control of the system and that the system is robust to attack (e.g. hacking) from another entity. From the perspective of the blockchain, a technical problem solved by at least certain embodiments of the present invention is how to utilize the inherent security of a blockchain system for controlling external "off-block" systems. From the perspective of an external system, a technical problem solved by at least certain embodiments of the present invention is how to increase the security of the external system so that it is robust to hack attacks from third parties.
Examples of external systems to which the present invention can be applied are described herein and include: trading platforms; electronic locks; vehicle control systems; sensors; lighting systems; heating/cooling systems; alarm systems; and industrial manufacturing systems. However, these represent a non-exhaustive list and it is important to note that embodiments of the present invention can in principle be applied to introduce the functionality of a blockchain system into any external system which can be represented by one or more inputs, one or more operations on the inputs; and one or more outputs.
The portion of logic may be arranged to implement the functionality of a logic gate or plurality of logic gates. The logic gate may be an AND, NOT, OR, NOR, XOR, IMPLY, NAND, NONIMPLY or XNOR gate.
The method may further comprise the step of submitting the Transaction to a blockchain. The signed input may be provided to the Transaction using an unlocking script.
The at least one input may be signed using a signature hash type which renders the input as non-modifiable. The signature hash type may be SIGHASH_NONE. The Transaction may further comprise at least one unsigned input.
The method may further comprise the step of submitting the Transaction to a blockchain. It may comprise the step of signing the unsigned input after the output has been modified. The unsigned input may be signed using a signature hash type which prevents modification of the whole Transaction. The signature hash type may be SIGHASH_ALL.
The value may be embedded in a public key associated with the signed input. Additionally or alternatively, it may be extracted from the public key so as to provide it to the portion of logic.
The method may further comprise the step of establishing and/or selecting a protocol and using the protocol to embed the value in the public key. The public key may be used to create a locking script in an intermediate blockchain Transaction. The method may further comprise the step of submitting the intermediate Transaction to a blockchain.
The value may be embedded in the public key by generating a new public key P' wherein:
P' = P + HASH(value Φ S) x G
where:
P is a base or initial public key
G is an Elliptic Curve function, such as secp256kl
x denotes elliptic curve multiplication by scalar; and
- - denotes elliptic curve addition.
The method may further comprise the step of generating a new private key corresponding to the new public key, wherein:
new private key V = V + HASH(value + S) The value which is embedded in the public key may be selected from a specified range of values. The invention also provides a corresponding system. The system may be arranged to implement any embodiment of the method described above.
The invention may provide a computer- implemented system comprising:
at least one computer-based resource arranged to perform the step(s) of any preceding claim; and
a blockchain or other type of electronic ledger. This may be a distributed ledger.
Any feature described in relation to one aspect or embodiment of the invention may also be used to effect with one or more other aspects/embodiments.
These and other aspects of the present invention will be apparent from and elucidated with reference to, the embodiment described herein. An embodiment of the present invention will now be described, by way of example only, and with reference to the accompany drawings, in which:
Figure 1 shows an example transaction and the parts which are hashed with
SIGHASH_ALL and S IGH AS H_NONE Figure 2a shows how a function Controller establishes a PubKey Protocol with each Input Source.
Figure 2b illustrates a scenario wherein an input source has a value to communicate and calculates a value-embedded public key (PubKey) according to its protocol (PubKey protocol).
Figure 2c illustrates a scenario wherein an input source uses the value-embedded PubKey to create a locking script which is used in one of the outputs of an intermediate transaction. Figure 2d illustrates a scenario wherein the Transaction is created; unsigned input from the Controller and each input is added Figure 2e illustrates a scenario wherein every input source signs their respective input to the Transaction with signature type SIGHASH_NONE.
Figure 2f illustrates a scenario wherein the Controller takes the value-embedded PubKey from each Input Source's unlocking scripts in the Transaction and extracts the embedded value based on the associated PubKey protocol
Figure 2g illustrates a scenario wherein the Controller applies the function to the extracted values, and modifies the transaction output(s) based on the result.
Figure 2h illustrates a scenario wherein the Controller signs its input using
SIGHASH_ALL and submits the transaction to the blockchain.
Figures 3 to 8 show blockchain transactions used in accordance with use case example 1 provided below.
Figures 9 to 14 show blockchain transactions used in accordance with use case example 2 provided below. Figures 15 to 20 show blockchain transactions used in accordance with use case example 3 provided below.
Figures 21a to 25 show blockchain transactions used in accordance with use case example
4 provided below.
Figures 26a to 30 show blockchain transactions used in accordance with use case example
5 provided below.
Figures 31 to 35 show blockchain transactions used in accordance with use case example 6 provided below. Figures 36a to 40 show blockchain transactions used in accordance with use case example 7 provided below.
Figures 41a to 45 show blockchain transactions used in accordance with use case example 7 provided below.
We now provide an illustrative embodiment of the invention. This embodiment includes techniques relating to:
• The establishment of a shared secret and its use in the generation of new cryptographic keys
• A mechanism for securely embedding values in Elliptic Curve public keys;
• A blockchain-related scheme or solution in which outputs are conditional upon inputs using a specific signature hash combination; and
• The combination of these techniques to provide a novel mechanism for constructing an externally evaluated function (i.e. external to the blockchain).
The invention provides a novel and advantageous solution for using a blockchain to implement a function. The blockchain is used to provide a record of the execution of the function and/or a result of its result. A function can be a subroutine or procedure (i.e. a process or portion of logic) which is applied to a set of inputs and returns a set of outputs In a preferred embodiment, the function is executed Off-block' ie its performance is not blockchain-dependent. The function is performed by a computer-based resource.
A blockchain (e.g. Bitcoin) transaction is a transfer of (e.g. Bitcoin) value which typically references previous transaction outputs as new transaction inputs and dedicates all input values to new outputs. Transactions are not encrypted, so it is possible to browse and view every transaction ever collected into a block. It would be highly advantageous, however, to be able to construct a blockchain transaction which acts as a function, where the transaction output(s) are conditional or dependent on the information embedded in the transaction input(s). Important aspects of the present invention include (but are not limited to) a method for creating a blockchain transaction that represents a function where:
• Function Input(s) are represented by the public keys used within the unlocking script of the transaction's input(s)
· Function Output(s) are represented by the addresses that the transaction's outputs are sent
• Function Procedure is evaluated external to the blockchain transaction
• The Function Input(s) can be locked in, before applying the Function logic and updating the Function Output(s)
Thus, the present invention includes the following:
• A technique for the distribution of a secret value; this can be achieved using
methods which employ elliptic curve arithmetic so that a message can be embedded in private/public keys; in addition, the Shared Secret can be established across an unsecure network
• A technique for securely embedding a value in Elliptic Curve Public/Private Keys The invention includes a technique for Secret Value Distribution allowing values to be securely embedded in elliptic curve public/private cryptographic keys. The value can be extracted by the receiving party in linear time, but remains intractable for attackers even if the parameters communicated to establish the embedding method are compromised
• Bitcoin Transaction Outputs which are conditional on Inputs
• A novel and inventive method which first signs all of a transaction's inputs except one with SIGHASH_NONE (locks in inputs), and then signs the remaining input with SIGHASH_ALL (locks in inputs and outputs). This flow allows for outputs to be conditioned upon inputs.
The invention will be illustrated via use case examples provided below, in which blockchain (e.g. Bitcoin) transactions can be used to represent the functionality provided by a logic gate. The invention utilises techniques for embedding a message in cryptographic (public/private) keys, and also for establishing a shared secret. These are described as follows. Message Embedding
Given:
• Private key V (an integer)
• Public key P (elliptic curve point)
• EC generator G (an elliptic curve function)
· Message M (a value which can be represented as an integer)
It is known in EC arithmetic that:
P = V x G Elliptic Curve multiplication by scalar
If message M is embedded:
V' = V + M Integer addition
P' = P + M x G Elliptic Curve Point addition
V and P' are the private/public keys with message M embedded
Shared Secret
Given:
• Party A with private key VA and public key PA
• Party B with private key VB and public key PB
• EC generator G (an elliptic curve function) It is known in EC arithmetic that:
PA = VA x G
PB = VB x G
If both parties publish their public key, a shared secret can be securely established:
Party A Shared Secret = VA x PB = VA X (VB X G)
Party B Shared Secret = VB x PA = VB X (VA X G) As EC arithmetic is commutative, the shared secret is equivalent for both parties. Secure Value Embedding in Elliptic Curve Public/private Keys
It is possible to embed a message(value) into EC public/private keys. In order to apply this concept as a method for securely communication between two parties, the following parameters are required:
Figure imgf000013_0001
Embedding Value Method
A sending party can embed a value using a secure formula M such as:
V = V + HASH(value + S) value embedded private key
P' = P + HASH(value - S) x G value embedded public key where:
P is a base or initial public key
G is an Elliptic Curve function, such as secp256kl
x denotes elliptic curve multiplication by scalar; and
- - denotes elliptic curve addition.
The security of this method incorporates and embodies the following points:
· The value embedded public key uses EC arithmetic which is one directional and intractable to reverse
• The hashing function is one directional and difficult to reverse • Shared Secret S is used as a hash salt. This means that even if all other parameters are compromised, an attacker cannot simply iterate through the possible values to work out the embedded value. S is guaranteed to be secure unless the private keys are compromised.
Value Extracting Method
The receiver of a value embedded in a public key can extract the value in linear time. This is done by calculating a value-embedded public key for each possible value until a match is found. This can be achieved by:
For each v in range v_0 to v_n //In this particular script, v_0, v_l, ... , v_n is a range, rather than a set
v' = M(v, P, S, G) //M is the formula using EC arithmetic to embed v
If v' equals P'
Exit loop IN is the embedded value
Blockchain Transaction Outputs Conditional on Inputs
This section presents a method for constructing a blockchain transaction where the outputs are conditioned on the inputs. This is based off knowledge about using signature types SIGHASH_ALL and S IGH AS H_NONE which is available in the public domain:
https://bitcoin.Org/en/developer-guide#signature-hash-types
Signature Types
Bitcoin signatures are a hash of select parts of a Transaction. The parts that are selected are determined by the signature hash type. The signature secures the hashed parts as any modification will yield a different signature thus showing tampering. Figure 1 shows an example transaction and the parts which are hashed with SIGHASH_ALL and
SIGHASH_NONE. It should be noted that, when signing an input, the scriptSigLen & scripts ig of all other inputs are replaced with empty scripts. Transaction Construction Method
1. The blockchain Transaction is created, and inputs are added by all entities 2. All entities, apart from Owner, sign their input with SIGHASH_NONE (this locks in the inputs so they cannot be modified)
3. The Owner determines the output, and updates the transaction
4. The Owner signs its input with SIGHASH_ALL, the transaction is now complete (this locks in both the inputs and the outputs)
Implementing an Externally Evaluated function as a blockchain Transaction
The invention can combine all of the previously described concepts/methods.
Key aspects include are:
• Input values to the function can be embedded in public keys which are communicated as transaction inputs
• The Owner of the function (i.e. the resource which is responsible for executing the function) can interrogate the transaction prior to publication on the Blockchain to implement the function
• The Owner of the function alone can modify the output address of the transaction prior to completion to represent the output of the function
Key Terms
For clarity the following terms will be used throughout to define the implementation and use cases of the present invention.
Name Type
Controller The owner of the transaction representing a function. This is the only entity which can update the transaction's outputs even after inputs are signed
Input Sources One of the entities which adds an input containing a Value Embedded
PubKey to the transaction
Value Embedded This is a cryptographic (Bitcoin) Public Key which has a value embedded in PubKey it with Elliptic Curve arithmetic Name Type
PubKey Protocol A protocol where:
• The sender and receiver agrees on the set of parameters and
embedding + extracting method as described above in the section relating to Secure Value Embedding in Elliptic Curve Public/Private Keys
• A sender communicates the Value Embedded PubKey through one of the input unlocking scripts in the receiver's transaction (the sender must let the receiver know which key has a value embedded) ementation
1. A Controller establishes a PubKey Protocol with each Input Source, as shown in
Figure 2a.
2. Input Source has a value to communicate and calculates a Value Embedded
PubKey according to its PubKey Protocol, as shown in Figure 2b 3. Input Source uses the Value Embedded PubKey to create a locking script which is used in one of the outputs of an Intermediate Transaction (created by Input Source). The Intermediate Transaction is submitted to the blockchain; it is not important whether the locking script is P2PKH or P2SH. This is shown in Figure 2c. 4. Transaction is created and unsigned input from Controller and each Input Source
are added; see figure 2d
a. The inputs by each Input Source references their intermediate transaction, specifically the output with the Value Embedded PubKey
a. It is not important whether this transaction or the intermediate transactions are created first (i.e. order of steps 2-3), as long as all inputs are added to this transaction before step 4
b. It is not important who creates the transaction as long as all parties involved can modify it Every Input Source signs their input to the transaction with signature hash type S IGH AS H_NONE
a. This locks in the inputs, but leaves the outputs free to be modified b. It is not important how each Input Source is informed/checks when all inputs are added
Controller takes the Value Embedded Pub Key from each Input Source's unlocking scripts in the transaction and extracts the value embedded based on the associated PubKey Protocol; see Figure 2f.
a. The value extraction is done externally to the bitcoin transaction b. It is not important how the Controller is informed/checks when all inputs by Input Sources are signed
Controller applies the function to the extracted values, and modifies the transaction output(s) based on the result; see Figure 2g.
a. The function is applied external to the bitcoin transaction
Controller signs its input using SIGHASH_ALL, and submits the transaction to the blockchain; see Figure 2h.
Use case Example 1: XOR logic gate
We now present, for the purposes of illustration, an example use cases which implements present invention by using a (Bitcoin) transaction to represent an XOR logic gate with two input sources. Consider the following scenario.
Alice is a self-taught trader who sees an opportunity to make extra income by trading Company XYZ Stock Options. She opens an account with a particular Online Stock Exchange which accepts payments in Bitcoin. Alice develops a simple Trading Bot, Share Prices Bot, and a Market Index Value Bot. (Each "bot" is a computer-based resource arranged to perform an automated task or process). The Share Prices Bot and Market Index Value Bot are setup such that:
• Both bots record opening value range of the stock market
• Both bots communicate with the Trading Bot if one of the bots sees a value change to another range during the day
• Share Prices Bot scrapes:
o Price of Share XYZ - { PI, P2, ..., P10 }*
• Market Index Value Bot scrapes:
o Market Index Value - { Ml, M2, ..., M5 }*
* represent ranges of values in ascending order. PI < P2 < ... < P10
The Trading Bot buys call and put options based on the market data it receives:
Figure imgf000018_0001
It is important to note that the Share Prices Bot and Market Index Bot only send market data, they do not know the strategy.
Existing Set up
• Alice has given Trading Bot private/public key pair A which has 5BTC
• Alice has given Share Prices Bot private/public key pair X which has 1BTC Alice has given Market Index Value Bot private/public key pair Y which has IBTC Exchange takes payments for Put and Call Options at public key E_PUT and E_CALL respectively
Steps:
1. Alice runs all three bots for the first time:
a. Trading Bot establishes a PubKey Protocol with Share Prices Bot with the following parameters:
Figure imgf000019_0001
b. Trading Bot establishes a PubKey Protocol with Market Index Value Bot with the following parameters:
Parameter Details
Base public key Public Key Y
EC Generator G secp256kl
Shared Secret S (Private Key A) x (Private Key Y) x G
Trading Bot and Market Index Value Bot
calculates this by using each other's public key
Range or set of values M1, M2, ..., M5
Value embedding Y' = Y + SHA256(value Φ S) x G
formula Parameter Details
Key Communicating Pay to Public Key Hash (P2PKH)
Method Share Prices Bot and Market Index Value Bot records the opening value range of the stock market as P5 and M3 respectively Market Index Value Bot detects a change to M2. Both bots calculate a Value Embedded PubKey to send to Trade Bot
a. Stock Price Bot:
i. X' = X + SHA256(P5 Φ S) x G
b. Market Index Value Bot:
i. Y' = Y + SHA256(M2 Φ S) x G Both bots create and submit to the blockchain an Intermediate Transaction with an output which requires a P2PKH unlocking script with their Value Embedded PubKey;
See Figure 3 for the Stock Price Bot's Intermediate Transaction. Note that output 1 requires the unlocking script with Value Embedded PubKey X'; Output 2 is change back to Stock Price Bot
See Figure 4 for the Market Index Value Bot's Intermediate Transaction; Note that output 1 requires the unlocking script with Value Embedded PubKey Y' ; Output 2 is change back to Stock Price Bot Both bots send Trading Bot an unsigned transaction input containing their respective Value Embedded PubKey
See Figure 5a for the Stock Price Bot's Input
See Figure 5b for the Market Index Value Bot's Input See figure 6: Trading Bot creates the transaction representing an XOR gate including the transaction inputs received from Stock Price Bot and Market Index Value Bot See Figure 7: Trading Bot informs Stock Price Bot and Market Index Value Bot of the transaction's storage/access details and requests them to sign their input,
a. Both bots sign with SIGHASH_NONE, locking in the inputs
Trading Bot takes <PubKey X'> from the unlocking script, and calculates Value Embedded Pub Keys for PI, P2, ..., P10 until it finds a matching pubkey with P5
9. Trading Bot takes <PubKey Y'> from the unlocking script, and calculates Value Embedded Pub Keys for Ml, M2, ..., M5 until it finds a matching pubkey with M2
10. Trading Bot takes applies the XOR logic gate to the values, and determines that it should buy a call option
a. P5 G { P7, P8, P9, P10 } XOR M2 G { Ml, M2 }
b. FALSE XOR TRUE
c. TRUE - buy call option
11. See Figure 8: Trading Bot updates the output to send 5BTC to E_PUT, signs its output with SIGHASH_ALL, and submits to the blockchain
Use case Example 2: AND logic Gate
Implements the Bitcoin transaction to represent an AND logic gate with two input sources Imagine a bank that contains a vault with a dual control (dual custody) electronic combination lock. No single person is given both combinations, the simultaneous presence of two bank managers is required to open the door. If both combinations are correctly entered at the same time (Ί 11 and '2222'), the vault door will unlock, otherwise the vault alarm is activated. This is an implementation of an AND gate.
The whole system consists of 4 entities: Combination Lock A, Combination Lock B, Controller, and Vault AND Logic in Controller: Combination A == '1111 ' AND Combination B = =
'2222 '
Figure imgf000022_0001
It should be noted that all logic evaluation is performed by the Controller. The
Combination Locks simply sends the 4 digit code but does not evaluate whether the code TRUE or FALSE.
Existing Setup
• Combination Lock A owns private/public key pair A which has 1BTC
• Combination Lock B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Vault owns private/public key pair V_DOOR and V_ALARM
Steps:
1. When the system was first installed, Controller established a PubKey Protocol with Combination Lock A and Combination Lock B to allow secure communication of signals:
Controller & Combination Lock A's PubKey Protocol parameters
Details
Parameter
Public Key A (owned by Combination Lock A)
Base public key Details
Parameter
secp256kl
EC Generator G
(Private Key A) x (Private Key C) x G
Shared Secret S
Controller & Combination Lock A calculates this by using each other' s public key
Range or set of values 0000, 0001, .... , 9998, 9999
Value embedding formula PubKey A' = PubKey A + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method b. Controller & Combination Lock B's PubKey Protocol parameters:
Details
Parameter
Public Key B (owned by Combination Lock B)
Base public key
secp256kl
EC Generator G
(Private Key B) x (Private Key C) x G
Shared Secret S
Controller & Combination Lock B calculates this by using each other' s public key
Range or set of values 0000, 0001, .... , 9998, 9999
Value embedding formula PubKey B' = PubKey B + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method
Bank Managers simultaneously enter their respective 4 digit code (1111 and 2222) into Combination Lock A and Combination Lock B. Each Combination Lock embeds their 4 digit code into a Value Embedded PubKey (PubKey A' and PubKey B')
c. Combination Lock A:
i. PubKey A' = PubKey A + SHA256(' l 111 ' Φ S) x G
d. Combination Lock B:
i. PubKey B' = PubKey B + SHA256('2222' Φ S) x G
Both Combination Locks create and submit to the blockchain a Bitcoin transaction (Intermediate Transaction) with an output to their respective Value Embedded PubKey
a. Combination Lock A's Intermediate Transaction: See figure 9
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Combination Lock A's public key A
b. Combination Lock B's Intermediate Transaction: See figure 10
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Combination Lock B's public key B
Both Combination Locks create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the Controller - See figure 11 for
a. Combination Lock A's transaction input
b. Combination Lock B's transaction input:
Controller uses the Bitcoin transaction inputs from the Combination Locks and creates a Bitcoin transaction representing an AND gate (AND Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 12
Controller requests for Combination Lock A and Combination Lock B to sign their respective input in the AND Gate Transaction using SIGHASH_NONE. This locks in the inputs, while still allowing the outputs to be modified - See figure 13
Controller uses its PubKey Protocol with Combination Lock A to calculate a Value Embedded PubKey for each 4 digit combination 0000, 0001, ..., 9998, 9999 until it finds one which matches PubKey A'
a. Controller finds that Ί 111 ' produces the same Value Embedded PubKey as PubKey A'
Controller uses its PubKey Protocol with Combination Lock B to calculate a Value Embedded PubKey for each 4 digit combination 0000, 0001, ..., 9998, 9999 until it finds one which matches PubKey B' a. Controller finds that '2222' produces the same Value Embedded PubKey as PubKey B'
9. Controller applies the AND gate logic to the combinations:
a. Combination A = Ί 111 ' AND Combination B = '2222'
b. TRUE AND TRUE
c. TRUE - send signal to V_DOOR to unlock door
10. Controller updates AND Gate Transaction's output to send signal to V_DOOR and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain: See figure 14
11. Vault upon seeing a transaction output to V_DOOR, unlocks the vault door Use case example 3: IMPLY Logic gate
In this example we implement the Bitcoin transaction to represent an IMPLY logic gate with two input sources. Imagine a plane with two switches, Switch A which turns on/off manual mode, and Switch B which turns on/off the landing gear extending system. If
Switch A is off (auto-landing), the landing gear is always extended regardless of Switch B. Switch A is on (manual mode), the landing gear is extended based on Switch B. This is an implementation of an IMPLY gate. The whole system consists of 4 entities: Switch A, Switch B, Controller, and Landing Gear.
IMPLY Logic in Controller: Switch A == On IMPLY Switch B
Input Signal from Controller IMPLY Logic Output Signal from
Input Signal from
Switch B to Controller to Landing Switch A to
Controller Gear Extending Controller
System
Off Off TRUE (auto-mode, always Extend
extend)
TRUE (auto-mode, always Extend
Off On
extend)
On Off FALSE (manual-mode, extend Retract
based on switch B)
On On TRUE (manual-mode, extend Extend
based on switch B) All logic evaluation is performed by the Controller. The Switches simply send their state Existing Set up
• Switch A owns private/public key pair A which has 1BTC
• Switch B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Landing Gear Extending System owns private/public key pair L_EXTEND and L_RETRACT
Steps
1. When the system was first installed, Controller established a PubKey Protocol with Switch A and Switch B to allow secure communication of signals:
a. Controller & Switch A's PubKey Protocol parameters:
Details
Parameter
Public Key A (owned by Switch A)
Base public key
secp256kl
EC Generator G
(Private Key A) x (Private Key C) x G
Shared Secret S
Controller & Switch A calculates this by using each other' s public key
Range or set of values On, Off
Value embedding formula PubKey A' = PubKey A + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method b. Controller & Switch B's PubKey Protocol parameters:
Details
Parameter
Public Key B (owned by Switch B)
Base public key
secp256kl
EC Generator G
(Private Key B) x (Private Key C) x G
Shared Secret S
Controller & Switch B calculates this by using each other' s public key
Range or set of values On, Off
Value embedding formula PubKey B ' = PubKey B + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method Manual Mode is currently engaged (Switch A is on), and the Landing Gears are retracted (Switch B is off).
The Pilot prepares for landing and turns Switch A off (auto-landing). Each Switch embeds their state into a Value Embedded Pub Key (Pub Key A' and Pub Key B') a. Switch A:
i. PubKey A' = PubKey A + SHA256(Off Φ S) x G
b. Switch B:
i. PubKey B' = PubKey B + SHA256(Off Φ S) x G
Both Switches create and submit to the blockchain a Bitcoin transaction
(Intermediate Transaction) with an output to their respective Value Embedded PubKey
a. Switch A's Intermediate Transaction: See figure 15
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Switch A's public key A
c. Switch B's Intermediate Transaction: see figure 16
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Switch B's public key B
Both Switches create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the Controller: see figure 17 for
a. Switch A's transaction input
b. Switch B's transaction input
Controller uses the Bitcoin transaction inputs from the Switches and creates a Bitcoin transaction representing an IMPLY gate (IMPLY Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 18 Controller requests for Switch A and Switch B to sign their respective input in the IMPLY Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified - See figure 19
Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for On and Off, to find a match with PubKey A'
a. Controller finds that Off produces the same Value Embedded PubKey as PubKey A'
Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for On and Off, to find a match with PubKey B '
a. Controller finds that Off produces the same Value Embedded PubKey as PubKey B'
10. Controller applies the IMPLY gate logic:
a. Switch A == On IMPLY Switch B == On
b Off == On IMPLY Off == On
c FALSE IMPLY FALSE
d TRUE - send signal to L_EXTEND to extend the landing gear
11. Controller updates IMPLY Gate Transaction's output to send signal to L_EXTEND and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain: See figure 20
12. Landing Gear Extending System upon seeing a transaction output to L_EXTEND, turns on
Use Case Example 4: NAND Logic Gate
In this example, we implements the Bitcoin transaction to represent an NAND logic gate with two input sources. In a car each door typically has a switch that opens when the door is open, and if one or more doors are open a warning light is switched on to warn the driver. This is an implementation of a NAND gate. The whole system consists of 4 entities: Switch A, Switch B, Controller, and Light. Both Switches send a signal to the Controller when one of them changes state NAND Logic in Controller: Switch A = Closed NAND Switch B = Closed
Figure imgf000029_0001
All logic evaluation is performed by the Controller. The Switches simply sends their open or closed state to the Controller.
Existing Set up
• Switch A owns private/public key pair A which has 1BTC
• Switch B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Light owns private/public key pair L_TURNON and L_TURNOFF
Steps:
1. When the system was first installed, Controller established a PubKey Protocol with Switch A and Switch B to allow secure communication of signals:
a. Controller & Switch A's PubKey Protocol parameters:
Details
Parameter
Public Key A (owned by Combination Lock A)
Base public key
secp256kl
EC Generator G
(Private Key A) x (Private Key C) x G
Shared Secret S
Controller & Switch A calculates this by using
each other' s public key
Range or set of values Open, Closed (mapped to any unique pair of
numbers) Details
Parameter
Value embedding formula PubKey A' = PubKey A + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method b. Controller & Switch B's PubKey Protocol parameters:
Details
Parameter
Public Key B (owned by Combination Lock B)
Base public key
secp256kl
EC Generator G
(Private Key B) x (Private Key C) x G
Shared Secret S
Controller & Switch B calculates this by using
each other' s public key
Range or set of values Open, Closed (mapped to any unique pair of
numbers)
Value embedding formula PubKey B' = PubKey B + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method
Switch A detects that its door has changed from closed opened, while Switch B detects that its door remains closed. Each Switch embeds their respective state (Open and Close) into a Value Embedded PubKey (PubKey A' and PubKey B') a. Switch A:
i. PubKey A' = PubKey A + SHA256('Open' Φ S) x G
b. Switch B:
i. PubKey B' = PubKey B + SHA256( 'Close' Φ S) x G
See Figure 21a and Figure 21b. Both Switches create and submit to the blockchain a Bitcoin transaction (Intermediate Transaction) with an output to their respective Value Embedded PubKey
a. Switch A's Intermediate Transaction: Figure 21a
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Switch A's public key A
b. Switch B's Intermediate Transaction: Figure 21b
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Switch B's public key B
Both Switches send the Controller an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. See Figure 22 for a. Switch A' s transaction input:
b. Switch B's transaction input:
Controller uses the Bitcoin transaction inputs from the Switches and creates a Bitcoin transaction representing a NAND gate (NAND Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See figure 23
Controller requests for Switch A and Switch B to sign their respective input in the NAND Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See figure 24
Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded PubKey for each state Open and Close.
a. Controller finds that Open' produces the same Value Embedded PubKey as PubKey A'
Controller uses its PubKey Protocol with Switch B to calculate a Value Embedded PubKey for each state Open and Close
Controller finds that 'Close' produces the same Value Embedded PubKey as PubKey B'
Controller applies the NAND gate logic to the switch states:
a. Switch A = Closed NAND Switch B = Closed
b. FALSE NAND TRUE
c. TRUE - send signal to L_TURNON to turn on light 9. Controller updates NAND Gate Transaction's output to send signal to L_TURNON and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain. See figure 25.
10. Light upon seeing a transaction output to L_TURNON, turns on Use case Example 5: NONIMPLY Logic Gate
In the example we implement the Bitcoin transaction to represent a NONIMPLY logic gate with two input sources. Imagine a smart driveway lighting system which has Sensor A which detects the presence of a car, and Switch B which turns on/off manual only mode. If Sensor A does not detect a car, the driveway light is off. If Sensor A detects a car, it automatically turns on the driveway light if Switch B manual mode is off. This is an implementation of a NONIMPLY gate. The whole system consists of 4 entities: Sensor A, Switch B, Controller, and Driveway Light
NONIMPLY Logic in Controller: Sensor A == 'Car' IMPLY Switch B == 'Manual On '
Figure imgf000032_0001
All logic evaluation is performed by the Controller. The Sensor and Switch simply sends their state.
Existing Setup:
• Sensor A owns private/public key pair A which has 1BTC
• Switch B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Driveway Light owns private/public key pair L_ON and L_OFF Steps:
1. When the system was first installed, Controller established a PubKey Protocol with Sensor A and Switch B to allow secure communication of signals:
a. Controller & Sensor A' s PubKey Protocol parameters:
Figure imgf000033_0001
Sensor A currently detects no cars and Switch B has manual mode turned off.
Sensor A detects a car on the driveway. The Sensor and Switch embeds their state into a Value Embedded PubKey (PubKey A' and PubKey B')
a. Sensor A:
i. PubKey A' = PubKey A + SHA256(Car Φ S) x G b. Switch B:
i. PubKey B' = PubKey B + SHA256(Manual Off Φ S) x G Both Switches create and submit to the blockchain a Bitcoin transaction
(Intermediate Transaction) with an output to their respective Value Embedded PubKey
a. Sensor A's Intermediate Transaction: Figure 26 a
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Switch A's public key A
b. Switch B's Intermediate Transaction: Figure 26b
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Switch B's public key B
Sensor A and Switch B create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the Controller. See figure 27 for
a. Sensor A's transaction input:
b. switch B's transaction input:
Controller uses the Bitcoin transaction inputs from the Sensor and Switch to create a Bitcoin transaction representing a NONIMPLY gate (NONIMPLY Gate
Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See figure 28.
Controller requests for Sensor A and Switch B to sign their respective input in the NONIMPLY Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See figure 29.
Controller uses its PubKey Protocol with Sensor A to calculate a Value Embedded PubKey for Car and No Car, to find a match with PubKey A'
a. Controller finds that Car produces the same Value Embedded PubKey as PubKey A' Controller uses its PubKey Protocol with Switch A to calculate a Value Embedded Pub Key for Manual On and Manual Off, to find a match with PubKey B'
a. Controller finds that Manual Off produces the same Value Embedded
PubKey as PubKey B'
10. Controller applies the NONIMPLY gate logic:
a. Sensor A == 'Car' NONIMPLY Switch B == 'Manual On' b. 'Car' == 'Car' NONIMPLY 'Manual Off == 'Manual On' c. TRUE IMPLY FALSE
d. TRUE - send signal to L_ON to turn on driveway light
11. Controller updates NONIMPLY Gate Transaction's output to send signal to L_ON and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain. See figure 30.
12. Driveway light upon seeing a transaction output to L_ON, turns on
Use case example 6: NOT logic gate
In this example we implement the Bitcoin transaction to represent a NOT logic gate with one input source. Imagine that the Crown Jewels in the Tower of London are displayed to millions of visitors every year. Imagine that the Imperial State Crown sits upon a pressure sensitive switch that is normally closed. Placing the crown on the switch arms the alarm. Removing the crown from the switch activates the alarm. This is an implementation of a NOT gate. .The whole system consists of a controller, a switch, and an alarm. The Switch sends a signal to the Controller when it changes state.
NOT Logic in Controller: NOT Switch = Closed
Controller NOT logic Output Signal from Controller to
Signal from Switch
Alarm
False Activate Alarm
Closed
True Arm Alarm
Open Existing Setup
• Switch owns private/public key pair X which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Alarm owns private/public key pairs A_Activate and A_Arm
Steps:
1. During installation, Controller and Switch establishes a PubKey Protocol with the following parameters:
Figure imgf000036_0001
2. Switch is initially in closed state (crown is on the switch)
3. Switch detects a change when the crown is removed. Switch embeds signal 'false' into a Value Embedded PubKey (PubKey X')
a. PubKey X' = PubKey X + SHA256( 'false' Φ S) x G
4. Switch creates and submits to the blockchain an Intermediate Transaction with an output to its Value Embedded PubKey. See Figure 31
Output 1 - the input spending this output will communicate PubKey X' to the Controller
Output 2 - change back to Switch X's public key A
5. Switch sends Controller an unsigned Bitcoin transaction input spending Output 1 of the Intermediate Transaction. See figure 32 6. Controller creates a Bitcoin transaction representing an NOT gate (NOT Gate Transaction) including the Bitcoin transaction input received from Switch. See figure 33 7. Controller requests Switch to sign its input in NOT Gate Transaction so that it is locked in
a. Switch signs with SIGHASH_NONE, preventing it from being modified:
Figure 34 8. Controller calculates Value Embedded PubKey for 'true' and 'false', and compares it with the Value Embedded PubKey (PubKey X') from the unlocking script. It finds a match with 'false'
9. Controller applies the NOT gate to the value 'false', and determines that it should send a signal to Activate Alarm (A_ACTIVATE)
10. Controller updates NOT Gate Transaction's output to send a signal to
A_ACTIVATE and change back to its own public key C. It then signs is input with SIGHASH_ALL, and submits to the blockchain. See figure 35
Output 1 - Signal to Activate Alarm
Output 2 - Change back to Controller's public key C
11. Alarm upon seeing a transaction output to A_ACTIVATE, activates Use case example 7: OR Logic Gate
Implements the Bitcoin transaction to represent an OR logic gate with two input sources Consider a building with an automated airflow system which uses an internal and external temperature sensor. The temperature sensors reads integer degrees Celsius from -30 to 50. If the internal temperature is above 21 or the external temperature is above 25, the airflow system expels cool air, otherwise the airflow system expels warm air. This is an implementation of an OR gate. The whole system consists of 4 entities: Temp. Sensor A, Temp. Sensor B, Controller, and Airflow System. Both sensors send a signal to the controller when either one detects a change in temperature.
OR Logic in Controller: Temp. A > 21 OR Temp. B > 25
Figure imgf000038_0001
All logic evaluation is performed by the Controller. The Temp. Sensors simply sends the temperature reading but does not evaluate whether it is hot or cold.
Existing Setup
• Temp. Sensor A owns private/public key pair A which has 1BTC
• Temp. Sensor B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Airflow System owns private/public key pair S_COOL and S_WARM
When the system was first installed, Controller established a PubKey Protocol with Temp. Sensor A and Temp. Sensor B to allow secure communication of signals: a. Controller & Temp. Sensor A's PubKey Protocol parameters:
Details
Parameter
Public Key A (owned by
Base public key Temp. Sensor A)
secp256kl
EC Generator G
(Private Key A) x (Private Key C) x G
Shared Secret S
Controller & Temp. Sensor A calculates this by
using each other's public key
Range or set of values -30, -29, ..., 49, 50
Value embedding formula PubKey A' = PubKey A + SHA256(value Φ S)
x G Details
Parameter
Key Communicating Pay to Public Key Hash (P2PKH)
Method b. Controller & Temp. Sensor B's Pub Key Protocol parameters:
Details
Parameter
Public Key B (owned by
Base public key Temp. Sensor B)
secp256kl
EC Generator G
(Private Key B) x (Private Key C) x G
Shared Secret S
Controller & Temp. Sensor B calculates this by using each other's public key
Range or set of values -30, -29, ..., 49, 50
Value embedding formula PubKey B' = PubKey B + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method
Temp. Sensor A currently reads 21, and Temp. Sensor B reads 27
Temp. Sensor A detects a change from 21 to 20. Each Temp. Sensor embeds their reading into a Value Embedded PubKey (PubKey A' and PubKey B')
a. Temp. Sensor A:
i. PubKey A' = PubKey A + SHA256(20 Φ S) x G
b. Temp. Sensor B:
i. PubKey B' = PubKey B + SHA256(27 Φ S) x G Both Temp. Sensors create and submit to the blockchain a Bitcoin transaction (Intermediate Transaction) with an output to their respective Value Embedded PubKey
a. Temp. Sensor A's Intermediate Transaction: figure 36a
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Temp. Sensor A's public key A
b. Temp. Sensor B's Intermediate Transaction: Figure 36 b
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Temp. Sensor B's public key B
5. Both Temp. Sensor create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the
Controller. See Figure 37 for
a. Temp. Sensor A's transaction input
b. Temp. Sensor B's transaction input 6. Controller uses the Bitcoin transaction inputs from the Temperature Sensors and creates a Bitcoin transaction representing an OR gate (OR Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 38 7. Controller requests for Temp. Sensor A and Temp. Sensor B to sign their respective input in the OR Gate Transaction using SIGHASH_NONE. This locks in the inputs, while still allowing the outputs to be modified. See Figure 39
8. Controller uses its PubKey Protocol with Temp. Sensor A to calculate a Value Embedded PubKey for each temperature -30, -29, ..., 49, 50 until it finds one which matches PubKey A'
a. Controller finds that 20 produces the same Value Embedded PubKey as PubKey A' 9. Controller uses its PubKey Protocol with Temp. Sensor B to calculate a Value Embedded PubKey for each temperature -30, -29, ..., 49, 50 until it finds one which matches PubKey B'
a. Controller finds that 27 produces the same Value Embedded PubKey as PubKey B'
10. Controller applies the OR gate logic to the temperature readings:
a. Temp. A > 21 OR Temp. B > 25 20 > 21 OR 27 > 25
FALSE OR TRUE
TRUE - send signal to S_COOL to expel cool 11. Controller updates OR Gate Transaction's output to send signal to S_COOL and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain. See Figure 40
12. Airflow system upon seeing a transaction output to S_COOL, expels cool air
Use case example 8: XNOR Logic Gate
In this example we implement the Bitcoin transaction to represent an XNOR logic gate with two input sources. Consider a production system which produces two items: cricket balls and cricket ball corks. Both items pass through the same quality control which has two scanners A and B. Scanner A gives a belief reading from 0, 5, 10, ..., 95, 100% of whether the ball is red. Scanner B gives a belief reading from 0, 5, 10, ..., 95, 100% of whether the ball has stitches. If a ball has both features, it is accepted as it is a normal cricket ball. If a ball has neither feature, it is also accepted as it is a cork. If a ball has only one of the features, it is rejected because it is a defect. This is an implementation of a XNOR gate.
The whole system consists of 4 entities: Scanner A, Scanner B, Controller, and Production System. Both detectors send a belief to the controller when either one detects a change. XNOR Logic in Controller: Scanner Belief A > 90% XNOR Scanner Belief B > 60% Detecting stitches is less accurate than detecting red, so a larger range of acceptable values is used for Scanner B.
Input Signal from Controller XNOR Logic Output Signal from
Input Signal from
Scanner B to Controller to Prod. Scanner A to
Controller System
Controller
0, 5, ..., 75, 90% 0, 5, 55, 60% TRUE Accept
0, 5, ..., 75, 90% 65, 70, ..., 95, 100% FALSE Reject Input Signal from Controller XNOR Logic Output Signal from
Input Signal from
Scanner B to Controller to Prod. Scanner A to
Controller System
Controller
95, 100% 0, 5, 55, 60% FALSE Reject
95, 100% 65, 70, ..., 95, 100% TRUE Accept
All logic evaluation is performed by the Controller. The Scanners simply sends their belief reading but does not evaluate whether it is high enough to assume there is a fire.
Existing Setup
• Scanner A owns private/public key pair A which has 1BTC
• Scanner B owns private/public key pair B which has 1BTC
• Controller owns private/public key pair C which has 1BTC
• Production System owns private/public key pair S_ACCEPT and S_REJECT
Steps:
1. When the system was first installed, Controller established a PubKey Protocol with Scanner A and Scanner B to allow secure communication of signals:
a. Controller & Scanner A's PubKey Protocol parameters:
Details
Parameter
Public Key A (owned by
Base public key Scanner A)
secp256kl
EC Generator G
(Private Key A) x (Private Key C) x G
Shared Secret S
Controller & Scanner A calculates this by using
each other' s public key
Range or set of values 0, 5, ..., 95, 100%
Value embedding formula PubKey A' = PubKey A + SHA256(value Φ S) x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method b. Controller & Scanner B's PubKey Protocol parameters:
Details
Parameter
Public Key B (owned by
Base public key Scanner B)
secp256kl
EC Generator G Details
Parameter
(Private Key B) x (Private Key C) x G
Shared Secret S
Controller & Scanner B calculates this by using
each other' s public key
Range or set of values 0, 5, ..., 95, 100%
Value embedding formula PubKey B' = PubKey B + SHA256(value Φ S)
x G
Key Communicating Pay to Public Key Hash (P2PKH)
Method A ball passes through the scanners. Scanner A reads 100% match. Scanner B reads 75% match. Each Scanner embeds their reading into a Value Embedded PubKey (PubKey A' and PubKey B')
a. Scanner A:
i. PubKey A' = PubKey A + SHA256(100% Φ S) x G
b. Scanner B:
i. PubKey B' = PubKey B + SHA256(75% Φ S) x G Both Scanners create and submit to the blockchain a Bitcoin transaction
(Intermediate Transaction) with an output to their respective Value Embedded PubKey
d. Scanner A's Intermediate Transaction: See Figure 41a
Output 1 - the input spending this output will communicate PubKey A' to the Controller
Output 2 - change back to Scanner A's public key A
e. Scanner B's Intermediate Transaction: See Figure 41 b
Output 1 - the input spending this output will communicate PubKey B ' to the Controller
Output 2 - change back to Scanner B's public key B Both Scanners create an unsigned Bitcoin transaction input which spends output 1 of their respective Intermediate Transaction. They send this input to the Controller. See Figure 42 for a. Scanner A's transaction input
c. Scanner B's transaction input Controller uses the Bitcoin transaction inputs from the Scanners and creates a Bitcoin transaction representing a XNOR gate (XNOR Gate Transaction). This transaction includes an input from the Controller itself, so that it alone can modify the outputs. See Figure 43 Controller requests for Scanner A and Scanner B to sign their respective input in the XNOR Gate Transaction using S IGH AS H_NONE . This locks in the inputs, while still allowing the outputs to be modified. See Figure 44. Controller uses its PubKey Protocol with Scanner A to calculate a Value Embedded PubKey for each belief 0, 5, ..., 95, 100% until it finds one which matches PubKey A'
a. Controller finds that 100% produces the same Value Embedded PubKey as PubKey A' Controller uses its PubKey Protocol with Scanner B to calculate a Value Embedded PubKey for each belief 0, 5, ..., 95, 100% until it finds one which matches PubKey B'
a. Controller finds that 75% produces the same Value Embedded PubKey as PubKey B' Controller applies the NOR gate logic to the temperature readings:
a. Scanner Belief A > 90% XNOR Scanner Belief B > 60%
b. 100 > 60 XNOR 75 > 60
c. TRUE OR TRUE
d. TRUE - send signal to S_ACCEPT to accept the ball 11. Controller updates XNOR Gate Transaction's output to send signal to S_ACCEPT and to give change back to itself. It then signs its input with SIGHASH_ALL to lock in all inputs and outputs, and submits to the blockchain. See Figure 45. 12. The system upon seeing a transaction output to S_ACCEPT, allows the ball to continue to packaging
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be capable of designing many alternative embodiments without departing from the scope of the invention as defined by the appended claims. In the claims, any reference signs placed in parentheses shall not be construed as limiting the claims. The word "comprising" and "comprises", and the like, does not exclude the presence of elements or steps other than those listed in any claim or the specification as a whole. In the present specification, "comprises" means "includes or consists of and "comprising" means "including or consisting of. The singular reference of an element does not exclude the plural reference of such elements and vice-versa. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

CLAIMS:
1. A computer- implemented method of executing a portion of logic, the method
comprising the steps:
generating a blockchain Transaction which comprises:
at least one signed input which comprises a value; and
at least one modifiable output;
extracting the value from the signed input and providing it to a portion of logic to obtain a result; and
using the result to modify the output of the Transaction such that the Transaction represents the result.
2. A method according to claim 1 wherein the portion of logic is external to one or both of the Transaction and the blockchain.
3. A method according to claim 1 or 2 wherein a Controller which is external to one or both of the Transaction and the blockchain applies the portion of logic to the extracted value to obtain the result and communicates with the Transaction to modify the output of the Transaction based on the result.
4. A method according to any preceding claim wherein the portion of logic represents a system which is external to one or both of the Transaction and the blockchain and the method further comprises modifying a state of the external system based on the modified output of the Transaction.
5. A method according to any preceding claim wherein the portion of logic is arranged to implement the functionality of a logic gate.
6. A method according to claim 5 wherein the logic gate is an AND, NOT, OR, NOR, XOR, IMPLY, NAND, NONIMPLY or XNOR gate.
7. A method according to any preceding claim and further comprising the step of submitting the Transaction to a blockchain.
8. A method according to any preceding claim wherein the signed input is provided to the Transaction using an unlocking script.
9. A method according to any preceding claim wherein the at least one input is signed using a signature hash type which renders the input as non-modifiable.
10. A method according to claim 9 wherein the signature hash type is
S IGH AS H_NONE .
11. A method according to any preceding claim wherein the Transaction further comprises at least one unsigned input.
12. A method according to claim 11 and further comprising the step of signing the unsigned input after the output has been modified.
13. A method according to claim 12 wherein the unsigned input is signed using a signature hash type which prevents modification of the whole Transaction.
14. A method according to claim 13, wherein the signature hash type is SIGHASH_ALL.
15. A method according to any preceding claim wherein the value is:
embedded in a public key associated with the signed input; and
extracted from the public key so as to provide it to the portion of logic.
16. A method according to claim 15 and further comprising the step of establishing and/or selecting a protocol and using the protocol to embed the value in the public key.
17. A method according to claim 15 or 16 wherein the public key is used to create a locking script in an intermediate blockchain Transaction.
18. A method according to claim 17 and further comprising the step of submitting the intermediate Transaction to a blockchain.
19. A method according to claim 15 to 18 wherein the value is embedded in the public key by generating a new public key P' wherein:
P' = P + HASH(value Φ S) x G
where:
P is a base or initial public key
G is an Elliptic Curve function, such as secp256kl
x denotes elliptic curve multiplication by scalar; and
- - denotes elliptic curve addition
20. A method according to claim 15 to 19 and further comprising the step of generating a new private key corresponding to the new public key, wherein:
new private key V = V + HASH(value + S)
21. A method according to claim 15 to 20 wherein the value which is embedded in the public key is selected from a specified range of values.
22. A computer-implemented system comprising:
at least one computer-based resource arranged to perform the step(s) of any preceding claim; and
a blockchain.
PCT/IB2017/053957 2016-07-05 2017-06-30 A blockchain-implemented control method and system for controlling an external process or system WO2018007916A1 (en)

Priority Applications (10)

Application Number Priority Date Filing Date Title
KR1020197002687A KR102467625B1 (en) 2016-07-05 2017-06-30 Blockchain-implemented control method and system for controlling an external process or system
US16/315,524 US11463260B2 (en) 2016-07-05 2017-06-30 Blockchain-implemented control method and system for controlling an external process or system
SG11201811008RA SG11201811008RA (en) 2016-07-05 2017-06-30 A blockchain-implemented control method and system for controlling an external process or system
CN201780037506.1A CN109478278B (en) 2016-07-05 2017-06-30 Control method and system for controlling a blockchain implementation of an external process or system
JP2018567907A JP7096774B2 (en) 2016-07-05 2017-06-30 Control methods and systems that implement blockchains that control external processes or systems
EP17740487.8A EP3482365A1 (en) 2016-07-05 2017-06-30 A blockchain-implemented control method and system for controlling an external process or system
ZA2019/00510A ZA201900510B (en) 2016-07-05 2019-01-24 A blockchain-implemented control method and system for controlling an external process or system
JP2022101488A JP7344350B2 (en) 2016-07-05 2022-06-24 Control method and system implementing blockchain to control external processes or systems
US17/958,029 US20230144153A1 (en) 2016-07-05 2022-09-30 Blockchain-implemented control method and system for controlling an external process or system
JP2023142211A JP2023162388A (en) 2016-07-05 2023-09-01 Control method and system implementing blockchain to control external process or system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1611698.0 2016-07-05
GBGB1611698.0A GB201611698D0 (en) 2016-07-05 2016-07-05 Blockchain-implemented control method and system

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US16/315,524 A-371-Of-International US11463260B2 (en) 2016-07-05 2017-06-30 Blockchain-implemented control method and system for controlling an external process or system
US17/958,029 Continuation US20230144153A1 (en) 2016-07-05 2022-09-30 Blockchain-implemented control method and system for controlling an external process or system

Publications (1)

Publication Number Publication Date
WO2018007916A1 true WO2018007916A1 (en) 2018-01-11

Family

ID=56891040

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2017/053957 WO2018007916A1 (en) 2016-07-05 2017-06-30 A blockchain-implemented control method and system for controlling an external process or system

Country Status (9)

Country Link
US (2) US11463260B2 (en)
EP (1) EP3482365A1 (en)
JP (3) JP7096774B2 (en)
KR (1) KR102467625B1 (en)
CN (1) CN109478278B (en)
GB (1) GB201611698D0 (en)
SG (2) SG10202112767PA (en)
WO (1) WO2018007916A1 (en)
ZA (1) ZA201900510B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108830463A (en) * 2018-05-29 2018-11-16 厦门哈希科技有限公司 A kind of storage method, device, storage medium, terminal device and the system of evaluation record
EP3525498A1 (en) * 2018-02-08 2019-08-14 Sony Corporation Electronic devices, systems and methods for vehicular communication
WO2019180733A1 (en) * 2018-03-23 2019-09-26 Ramesh Belavadi Nagarajaswamy System and method for composite-key based blockchain device control
US10642643B2 (en) 2017-02-28 2020-05-05 Alibaba Group Holding Limited Method and apparatus for writing service data into block chain and method for determining service subset
KR20200063541A (en) * 2018-11-28 2020-06-05 주식회사 이와이엘 User authentication method and system using block chain based quantum entropy source
US11227282B2 (en) 2018-08-20 2022-01-18 Probloch LLC Time-bounded activity chains with multiple authenticated agent participation bound by distributed single-source-of-truth networks that can enforce automated value transfer
US11455846B2 (en) 2019-01-03 2022-09-27 International Business Machines Corporation Consensus vehicular collision properties determination
WO2023117274A1 (en) * 2021-12-21 2023-06-29 Nchain Licensing Ag Signature-based atomic swap

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102464299B1 (en) * 2016-07-29 2022-11-07 엔체인 홀딩스 리미티드 Blockchain implementation method and system
JP7372938B2 (en) 2018-05-14 2023-11-01 エヌチェーン ライセンシング アーゲー Computer-implemented systems and methods for performing atomic swaps using blockchain
WO2019227457A1 (en) * 2018-06-01 2019-12-05 Nokia Technologies Oy Method and apparatus for decentralized trust evaluation in a distributed network
US20210092127A1 (en) * 2019-09-19 2021-03-25 Microsoft Technology Licensing, Llc Writing role-backed access control to chain

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150379510A1 (en) * 2012-07-10 2015-12-31 Stanley Benjamin Smith Method and system to use a block chain infrastructure and Smart Contracts to monetize data transactions involving changes to data included into a data supply chain.

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5511121A (en) 1994-02-23 1996-04-23 Bell Communications Research, Inc. Efficient electronic money
FR2744309B1 (en) * 1996-01-26 1998-03-06 Bull Cp8 ASYMMETRIC CRYPTOGRAPHIC COMMUNICATING METHOD, AND PORTABLE OBJECT THEREOF
KR101061906B1 (en) 2004-02-19 2011-09-02 삼성전자주식회사 Basic Computing Device and Method Safe for Power Analysis Attack
US7617397B2 (en) * 2005-04-29 2009-11-10 Microsoft Corporation Systems and methods for generation and validation of isogeny-based signatures
US8256010B2 (en) * 2009-04-01 2012-08-28 Microsoft Corporation Providing access to a data item using access graphs
US8484723B2 (en) * 2009-06-05 2013-07-09 Signix, Inc. Method and system for signing and authenticating electronic documents via a signature authority which may act in concert with software controlled by the signer
US8452969B2 (en) * 2009-09-16 2013-05-28 GM Global Technology Operations LLC Flexible broadcast authentication in resource-constrained systems: providing a tradeoff between communication and computational overheads
US8509426B1 (en) 2010-12-01 2013-08-13 King Fahd University Of Petroleum And Minerals XZ-elliptic curve cryptography system and method
CN102629403B (en) * 2012-03-14 2014-07-16 深圳市紫金支点技术股份有限公司 USB (Universal Serial Bus) flash disk authorization method and system based on ATM (Automatic Teller Machine) equipment
US9876775B2 (en) 2012-11-09 2018-01-23 Ent Technologies, Inc. Generalized entity network translation (GENT)
WO2014201059A1 (en) * 2013-06-10 2014-12-18 Certimix, Llc Secure storing and offline transfering of digitally transferable assets
US20150206106A1 (en) 2014-01-13 2015-07-23 Yaron Edan Yago Method for creating, issuing and redeeming payment assured contracts based on mathemematically and objectively verifiable criteria
US20150213433A1 (en) * 2014-01-28 2015-07-30 Apple Inc. Secure provisioning of credentials on an electronic device using elliptic curve cryptography
US9331856B1 (en) * 2014-02-10 2016-05-03 Symantec Corporation Systems and methods for validating digital signatures
CA3004250C (en) * 2014-03-18 2019-10-29 nChain Holdings Limited Virtual currency system
US11195154B2 (en) 2014-03-27 2021-12-07 Nokia Technologies Oy Method and apparatus for automatic inter-device authorisation
US9705683B2 (en) 2014-04-04 2017-07-11 Etas Embedded Systems Canada Inc. Verifiable implicit certificates
CA2985040A1 (en) * 2014-05-06 2015-12-03 Case Wallet, Inc. Cryptocurrency virtual wallet system and method
JP6813477B2 (en) 2014-05-09 2021-01-13 ヴェリタセウム アイエヌシー. A device, system, or method that facilitates value transfer between unreliable or unreliable parties.
US20150356523A1 (en) * 2014-06-07 2015-12-10 ChainID LLC Decentralized identity verification systems and methods
US10148441B2 (en) 2014-09-12 2018-12-04 Verisign, Inc. Systems, devices, and methods for detecting double signing in a one-time use signature scheme
US9705501B2 (en) * 2014-10-01 2017-07-11 Maxim Integrated Products, Inc. Systems and methods for enhancing confidentiality via logic gate encryption
EP3013014A1 (en) * 2014-10-21 2016-04-27 Gemalto Sa Method for accessing a service, corresponding first device, second device and system
US10409827B2 (en) * 2014-10-31 2019-09-10 21, Inc. Digital currency mining circuitry having shared processing logic
CN104463001A (en) * 2014-12-19 2015-03-25 比特卡国际有限公司 Method for independently generating and storing encrypted digital currency private key and device for bearing encrypted digital currency private key
EP3278287A4 (en) 2015-03-31 2018-08-22 Nasdaq, Inc. Systems and methods of blockchain transaction recordation
US20170091756A1 (en) * 2015-07-14 2017-03-30 Fmr Llc Point-to-Point Transaction Guidance Apparatuses, Methods and Systems
US10333705B2 (en) * 2016-04-30 2019-06-25 Civic Technologies, Inc. Methods and apparatus for providing attestation of information using a centralized or distributed ledger
KR102464299B1 (en) * 2016-07-29 2022-11-07 엔체인 홀딩스 리미티드 Blockchain implementation method and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150379510A1 (en) * 2012-07-10 2015-12-31 Stanley Benjamin Smith Method and system to use a block chain infrastructure and Smart Contracts to monetize data transactions involving changes to data included into a data supply chain.

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Mastering bitcoin : [unlocking digital cryptocurrencies]", 20 December 2014, O'REILLY MEDIA, Beijing Cambridge Farnham Köln Sebastopol Tokyo, ISBN: 978-1-4493-7404-4, article ANDREAS M. ANTONOPOULOS: "Mastering Bitcoin - Unlocking Digital Cryptocurrencies", XP055306939 *
ETHEREUM: "White Paper . ethereum/wiki Wiki . GitHub", 13 April 2016 (2016-04-13), pages 1 - 21, XP055376148, Retrieved from the Internet <URL:https://github.com/ethereum/wiki/wiki/White-Paper/5f59d858bf36d6f2f6650f1f30f0b8b015741d73> [retrieved on 20170526] *
PASQUALE FORTE ET AL: "Beyond Bitcoin - Part I: A critical look at blockchain-based systems", INTERNATIONAL ASSOCIATION FOR CRYPTOLOGIC RESEARCH,, vol. 20151202:213043, 1 December 2015 (2015-12-01), pages 1 - 34, XP061019757 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10642643B2 (en) 2017-02-28 2020-05-05 Alibaba Group Holding Limited Method and apparatus for writing service data into block chain and method for determining service subset
US10664305B1 (en) 2017-02-28 2020-05-26 Alibaba Group Holding Limited Method and apparatus for writing service data into block chain and method for determining service subset
EP3525498A1 (en) * 2018-02-08 2019-08-14 Sony Corporation Electronic devices, systems and methods for vehicular communication
WO2019154904A1 (en) * 2018-02-08 2019-08-15 Sony Corporation Electronic devices, systems and methods for vehicular communication
WO2019180733A1 (en) * 2018-03-23 2019-09-26 Ramesh Belavadi Nagarajaswamy System and method for composite-key based blockchain device control
CN111433797A (en) * 2018-03-23 2020-07-17 贝勒瓦底·纳加拉贾斯瓦米·拉梅什 Block chain equipment control system and method based on composite key
GB2582078A (en) * 2018-03-23 2020-09-09 Nagarajaswamy Ramesh Belavadi System and method for composite-key based blockchain device control
CN111433797B (en) * 2018-03-23 2023-03-28 贝勒瓦底·纳加拉贾斯瓦米·拉梅什 Block chain equipment control system and method based on composite key
CN108830463A (en) * 2018-05-29 2018-11-16 厦门哈希科技有限公司 A kind of storage method, device, storage medium, terminal device and the system of evaluation record
CN108830463B (en) * 2018-05-29 2021-03-19 厦门哈希科技有限公司 Evaluation record storage method, device, storage medium and system
US11227282B2 (en) 2018-08-20 2022-01-18 Probloch LLC Time-bounded activity chains with multiple authenticated agent participation bound by distributed single-source-of-truth networks that can enforce automated value transfer
KR20200063541A (en) * 2018-11-28 2020-06-05 주식회사 이와이엘 User authentication method and system using block chain based quantum entropy source
KR102218884B1 (en) 2018-11-28 2021-02-24 주식회사 이와이엘 User authentication method and system using block chain based quantum entropy source
US11455846B2 (en) 2019-01-03 2022-09-27 International Business Machines Corporation Consensus vehicular collision properties determination
WO2023117274A1 (en) * 2021-12-21 2023-06-29 Nchain Licensing Ag Signature-based atomic swap

Also Published As

Publication number Publication date
ZA201900510B (en) 2023-07-26
JP2023162388A (en) 2023-11-08
US11463260B2 (en) 2022-10-04
GB201611698D0 (en) 2016-08-17
CN109478278A (en) 2019-03-15
SG11201811008RA (en) 2019-01-30
CN109478278B (en) 2024-03-08
KR102467625B1 (en) 2022-11-16
SG10202112767PA (en) 2021-12-30
EP3482365A1 (en) 2019-05-15
JP2019526192A (en) 2019-09-12
JP7344350B2 (en) 2023-09-13
US20210194697A1 (en) 2021-06-24
KR20190025942A (en) 2019-03-12
JP2022126806A (en) 2022-08-30
US20230144153A1 (en) 2023-05-11
JP7096774B2 (en) 2022-07-06

Similar Documents

Publication Publication Date Title
US20230144153A1 (en) Blockchain-implemented control method and system for controlling an external process or system
JP7385600B2 (en) Method and system for automatic object recognition and authentication
TWI770022B (en) Computer implemented control method, system and control system
US11405395B2 (en) Accessing an internet of things device using blockchain metadata
US20170324711A1 (en) Method for establishing, securing and transferring computer readable information using peer-to-peer public and private key cryptography
WO2019195691A1 (en) Discrete blockchain and blockchain communications
CN109314636A (en) Cryptographic method and system for secure extraction of data from blockchains
WO2017066715A1 (en) Systems and methods for managing digital identities
CN111295655B (en) Computer system and method for distributed privacy-preserving shared execution of one or more processes
Buldin et al. Next generation industrial blockchain-based wireless sensor networks
Malik et al. Building a secure platform for digital governance interoperability and data exchange using blockchain and deep learning-based frameworks
Haque et al. Emergence of blockchain technology: a reliable and secure solution for IoT systems
CN115567540A (en) Online learning evaluation method and system based on block chain technology
Dascano Blockchain Explained: Learning the essentials
Islam et al. Blockchain-based decentralized digital self-sovereign identity wallet for secure transaction
WO2017065122A1 (en) Device for adding secret authentication code, method for adding secret authentication code, and program
Saikumar et al. Enhancing the Protection of Information in Digital Voting Using Application of Block Chain Technology
Subha et al. Integration of IOT with Block Chain Technology for the Technology Advancement
Mounir et al. Cybersecurity Management in Cyber-Physical Systems Using Blockchain
Kashyap et al. Immutable and Privacy Protected E-Certificate Repository on Blockchain
Ramalingaiah et al. Study of blockchain with bitcoin based fund raise use case using laravel framework
Rodrigues Cyber ethics of blockchain, AI and worldcoin
Jacobs et al. Biometrics and Smart Cards in Identity Management
Mata et al. Blockchain technology for improving land registration system in an emerging economy
Kavya Survey on encryption approaches using information fusion with biometrics

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17740487

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2018567907

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20197002687

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2017740487

Country of ref document: EP

Effective date: 20190205